Month: February 2015

Logstash-Forwarder Logs Flooded with “Socket error, will reconnect…broken pipe”

I was getting a flood of errors on some of my logstash-forwarding machines today:

Feb 23 17:08:43 lg1 :43-08:00 ash-forwarder[22493]: 2015/02/23 17:08:43.184108 Registrar received 5 events
Feb 23 17:08:49 lg1 :49-08:00 ash-forwarder[22493]: 2015/02/23 17:08:49.625239 Socket error, will reconnect: write tcp ipaddress:5000: broken pipe
Feb 23 17:08:50 lg1 :50-08:00 ash-forwarder[22493]: 2015/02/23 17:08:50.625656 Setting trusted CA from file: /etc/pki/tls/certs/logstash-forwarder.crt
Feb 23 17:08:50 lg1 :50-08:00 ash-forwarder[22493]: 2015/02/23 17:08:50.627188 Connecting to ipaddress:5000 (ipaddress) 
Feb 23 17:08:50 lg1 :50-08:00 ash-forwarder[22493]: 2015/02/23 17:08:50.682474 Connected to ipaddress
Feb 23 17:08:50 lg1 :50-08:00 ash-forwarder[22493]: 2015/02/23 17:08:50.683530 Registrar received 5 events

With this repeating over and over every second. It turns out that one old certificate on one shipping machine can reset all of the other machines’ connections. I found the old cert on one of the servers, added the new one and restarted the logstash-forwarder service, and all the messages went away.

Source: https://github.com/elasticsearch/logstash-forwarder/issues/160

LibreOffice Base: Connecting to MSSQL in Linux

First, download the SQL JDBC Driver from Microsoft.

  1. Extract the JDBC drivers somewhere. There’s a series of folders and a Jar file that we’ll be getting.
  2. Once you’ve downloaded that, open LibreOffice Calc or Writer.
  3. Go to Options->AdvancedScreenshot from 2015-02-23 13:38:37
  4. Click Class Path on the right and choose Add Archive from below:Screenshot from 2015-02-23 13:38:46
  5. Navigate to your file and choose sqljdbc4.jar
  6. Restart LO and you should be ready to connect.
  7. Open LO Base
  8. Choose Connect to an Existing Database, Type is JDBCScreenshot from 2015-02-23 13:48:01
  9. In the Datasource URL:
    1. sqlserver://ipaddress:1433;databaseName=DBNAMEHERE
  10. In the JDBC Driver Class:
    1. com.microsoft.sqlserver.jdbc.SQLServerDriver
  11. Enter your credentials and test, you should be good to go!

KVM: Getting Bonding, Bridges, VLANs and Macvtap Playing Nice Together

I finally made the jump from using a Physical Ethernet -> VLAN -> Bridge stack to Physical Ethernet Devices -> Bond -> VLANs ->MacvTap. Notice bridges are not included, that’s because they don’t work with Linux bonding, you need to use Macvtap interfaces.

Here’s a sample configuration (you’ll need to install ifenslave & vlan if you haven’t already):

# The loopback network interface
auto lo
iface lo inet loopback

#Intel Interface #1
auto p4p1
iface p4p1 inet manual
    bond-master bond0

#Intel Interface #2
auto p4p2
iface p4p2 inet manual
    bond-master bond0

#Onboard Intel NIC
auto eth0
iface eth0 inet manual
    bond-master bond0

#Primary Bond Interface
auto bond0
iface bond0 inet manual
bond-miimon 100 # Specifies the MII link monitoring frequency in milliseconds. This determines how often the link state of each slave is inspected for link failures.
bond-downdelay 200 # Specifies the time, in milliseconds, to wait before disabling a slave after a link failure has been detected.
bond-updelay 200 # Specifies the time, in milliseconds, to wait before enabling a slave after a link recovery has been detected.
bond-mode 0 # round robin (think of it as network raid 0)
bond-slaves none # defined in the interfaces above with bond-master

#DMZ VLAN
auto bond0.11 # this sets a vlan tag of 11 for all traffic on this interface
iface bond0.11 inet manual
    vlan-raw-device bond0

So, the above will aggregate three NICs and round robin packets across the three interfaces to get the combined output of the three. Once you’ve setup the above, you can go into virt-manager and add a Macvtap interface paired to either the bond0 interface or one of you VLAN bonded interfaces.

I set mine as virtio and mode of bridge. This allows other guests in the same vlan to communicate within the host.

High CPU Usage in QEMU/KVM for Windows 7/8/2008 R2 Guest

It may be QXL. If you have SPICE graphics enabled (probably affects VNC too), check to see if you’re using QXL. Changing it from QXL to VMware’s VMVGA took idle CPU usage of 10%-30% to 3-7%.

Virt-Manager has a bug in it that won’t let you change it from QXL, so go to the command line and type in:

virsh edit domainname

Go down to to the video section and update the model type to be:

 

Shutdown and start the Windows guest again and you should be good to go.